package com.study.springBoot.module.admin.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
@RequestMapping("/admin")
@PreAuthorize("hasRole('ADMIN')") // Spring Security默认的角色前缀是”ROLE_”,使用hasRole方法时已经默认加上了
public class AdminHomeController {
    @PreAuthorize("hasRole('ADMIN')")
    @RequestMapping("")
    @ResponseBody
    public String index() {
        return "admin home page";
    }

    @PreAuthorize("hasRole('ADMIN')")
    @RequestMapping("hello")
    @ResponseBody
    public String hello() {
        return "admin hello";
    }
}
